An Experimental Approach for Estimating Cyber Risk: A Proposal Building upon Cyber Ranges and Capture the Flags

G. Di Tizio, F. Massacci, L. Allodi, S. Dashevskyi, J. Mirkovic

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Current approaches to estimate the risk of compromise are based on either historical data or pure technical assessments, such as the number and severity of vulnerabilities in the target network. We propose a novel experimental approach for estimating the risk of compromise based on experimental data, as opposed to observational data, by leveraging on cyber ranges and capture the flag exercises. We identify the key design principles in terms of response and explanatory variables, specification of how they can be measured, and the overall block design from related experiments and approaches as well as assess their suitability and limitations.
Original languageEnglish
Title of host publication5th IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
Subtitle of host publication[Proceedings]
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages56-65
Number of pages10
ISBN (Electronic)9781728185972
ISBN (Print)9781728185989
DOIs
Publication statusPublished - 2020
Event5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020 - Virtual, Genoa, Italy
Duration: 7 Sept 202011 Sept 2020

Conference

Conference5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020
Country/TerritoryItaly
CityVirtual, Genoa
Period7/09/2011/09/20

Funding

This research has been partly funded by the EU under the H2020 Programs H2020-EU.2.1.1-CyberSec4Europe (Grant No. 830929)

FundersFunder number
European Commission830929

    Fingerprint

    Dive into the research topics of 'An Experimental Approach for Estimating Cyber Risk: A Proposal Building upon Cyber Ranges and Capture the Flags'. Together they form a unique fingerprint.

    Cite this